package org.jaronsource.framework.plugins.security.web.taglib;

import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;

import org.jaronsource.framework.plugins.security.SecurityTokenHolder;
import org.jaronsource.framework.plugins.security.SecurityUtils;
import org.jaronsource.framework.plugins.security.domain.SecurityToken;

public class NoPermTag extends TagSupport {

	private static final long serialVersionUID = 2314845771987747293L;

	private String permCode;

	public String getPermCode() {
		return permCode;
	}

	public void setPermCode( String permCode ) {
		this.permCode = permCode;
	}

	@Override
	public int doStartTag() throws JspException {
		SecurityToken token = SecurityTokenHolder.getSecurityToken();
		if ( token == null ) { return EVAL_BODY_INCLUDE; }

		boolean noPerm = !SecurityUtils.hasPerm( token, permCode );

		return noPerm ? EVAL_BODY_INCLUDE : SKIP_BODY;
	}
}
